Memory Protection in Operating Systems
Last Updated :
18 Jan, 2022
In this article, we will be discussing memory protection in operating systems. As we know that different operating systems use different forms of memory protection or separation which consists of Plan9 and Inferno, Microsoft Windows, etc.
In Memory protection, we have to protect the operating system from user processes and which can be done by using a relocation register with a limit register. Here, the relocation register has the value of the smallest physical address whereas the limit register has the range of the logical addresses. These two registers have some conditions like each logical address must be less than the limit register. The memory management unit is used to translate the logical address with the value in the relocation register dynamically after which the translated (or mapped) address is then sent to memory.
Support for relocation and limit registers in processIn the above diagram, when the scheduler selects a process for the execution process, the dispatcher, on the other hand, is responsible for loading the relocation and limit registers with the correct values as part of the context switch as every address generated by the CPU is checked against these 2 registers, and we may protect the operating system, programs, and the data of the users from being altered by this running process.
Need of Memory protection:
Memory protection prevents a process from accessing unallocated memory in OS as it stops the software from seizing control of an excessive amount of memory and may cause damage that will impact other software which is currently being used or may create a loss of saved data. These resources of memory protection also help in detecting malicious or harmful applications, that may after damaged the processes of the operating system.
Methods of memory protection:
There are various methods for protecting a process from accessing memory that has not been allocated and some of the commonly used methods are given below:
Memory Protection using Keys: The concept of using memory protection with keys can be found in most modern computers with the purpose of paged memory organization and for the dynamic distribution between the parallel running programs. The keys are based on the use of special codes as we can verify the compliance between using arrays of memory cells and the number of running programs. This key method gives the users a process to impose page-based protections without any modification in the page tables.
Memory Protection using Rings: In CS, the domains related to ordered protection are called Protection Rings. This method helps in improving fault tolerance and provides security. These rings are arranged in a hierarchy from most privileged to least privileged. In the single-level sharing OS, each and every segment has a protection ring for the process of reading, writing, and executing operations of the process. If there is a use of a higher ring number by the process then the ring number for the segment creates a fault. But we do have some methods for calling the procedures safely that can run in a lower ring number and then return to the number of the higher ring.
Capability-based addressing: It is a method of protecting the memory that cannot be seen in modern commercial computers. Here, the pointers (objects consisting of a memory address) are restored by the capabilities objects that can only be created with the protected instructions and may only execute by a kernel, or by another process that is authorized to execute and therefore it gives an advantage of controlling the unauthorized processes in creating additional separate address spaces in memory.
Memory Protection using masks: The masks are used in the protection of memory during the organization of paging. In this method, before the implementation, the page numbers are indicated to each program and are reserved for the placement of its directives. Here the allocated pages for the program are now given the control of the operating system in the form of mask code (an n-bit binary code) which is formed for every working program that is determined by the bit number of OD pages.
Memory Protection using Segmentation: It is a method of dividing the system memory into different segments. The data structures of x86 architecture of OS like local descriptor table and global descriptor table are used in the protection of memory.
Memory Protection using Simulated segmentation: With this technique, we can monitor the program for interpreting the machine code instructions of system architectures. Through this, the simulator can help in protecting the memory by using a segmentation using the scheme and validating the target address of every instruction in real-time.
Memory Protection using Dynamic tainting: Dynamic tainting is a technique that consists of marking and tracking certain data in a program at runtime as it protects the process from illegal memory accesses. In tainting technique, we taint a program to mark two kinds of data i.e., memory in the data space and the pointers.
Similar Reads
Prepaging in Operating System Prerequisite – Virtual Memory in Operating System As suggested by the concept of virtual memory, it is not necessary that the entire process should be loaded into the main memory at the given time. The process can be executed efficiently if only some of the pages are present in the main memory at a
4 min read
Process in Operating System A process is a program in execution. For example, when we write a program in C or C++ and compile it, the compiler creates binary code. The original code and binary code are both programs. When we actually run the binary code, it becomes a process. A process is an 'active' entity instead of a progra
3 min read
Virtual Memory in Operating System Virtual memory is a memory management technique used by operating systems to give the appearance of a large, continuous block of memory to applications, even if the physical memory (RAM) is limited. It allows larger applications to run on systems with less RAM.The main objective of virtual memory is
15+ min read
Paging in Operating System Paging is the process of moving parts of a program, called pages, from secondary storage (like a hard drive) into the main memory (RAM). The main idea behind paging is to break a program into smaller fixed-size blocks called pages.To keep track of where each page is stored in memory, the operating s
8 min read
Segmentation in Operating System A process is divided into Segments. The chunks that a program is divided into which are not necessarily all of the exact sizes are called segments. Segmentation gives the user's view of the process which paging does not provide. Here the user's view is mapped to physical memory. Types of Segmentatio
4 min read
Levels of Memory in Operating System Memory hierarchy of a computer system it handles differences in speed. "Hierarchy" is a great way to say "order of thinks" like top to bottom, fast to slow, most important to least important. If you look at the memory hierarchy inside the computer, according to the fastest to the slowest: 1. CPU Reg
3 min read